aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile52
-rw-r--r--daemon.c41
-rw-r--r--hal_internal.h28
-rw-r--r--rpc_client_daemon.c6
-rw-r--r--rpc_client_serial.c9
-rw-r--r--rpc_serial.c43
-rw-r--r--rpc_server.c3
-rw-r--r--serial_internal.h43
-rw-r--r--slip_internal.h3
9 files changed, 108 insertions, 120 deletions
diff --git a/Makefile b/Makefile
index 3d42d8f..9f9b25e 100644
--- a/Makefile
+++ b/Makefile
@@ -41,10 +41,10 @@ LIB = libhal.a
USAGE := "usage: ${MAKE} [IO_BUS=eim|i2c|fmc] [RPC_MODE=none|server|client-simple|client-mixed] [KS=volatile|mmap|flash] [RPC_TRANSPORT=none|loopback|serial|daemon] [MODEXP_CORE=no|yes]"
-IO_BUS ?= eim
+IO_BUS ?= none
KS ?= volatile
RPC_MODE ?= none
-RPC_TRANSPORT ?= serial
+RPC_TRANSPORT ?= none
MODEXP_CORE ?= no
ifeq (,$(and \
@@ -72,7 +72,8 @@ endif
# makefile, so the working definition of "always want" is sometimes
# just "building this is harmless even if we don't use it."
-OBJ = errorstrings.o hash.o asn1.o ecdsa.o rsa.o ${KS_OBJ}
+OBJ += errorstrings.o hash.o asn1.o ecdsa.o rsa.o ${KS_OBJ} xdr.o slip.o
+OBJ += rpc_api.o rpc_hash.o rpc_misc.o rpc_pkey.o rpc_client.o rpc_server.o
# Object files to build when we're on a platform with direct access
# to our hardware (Verilog) cores.
@@ -128,7 +129,7 @@ endif
# client-mixed: Like client-simple but do hashing locally in software and
# support a local keystore (for PKCS #11 public keys, etc)
#
-# RPC_TRANSPORT = loopback | serial | daemon
+# RPC_TRANSPORT = none | loopback | serial | daemon
# loopback: Communicate over loopback socket on Novena
# serial: Communicate over USB in serial pass-through mode
# daemon: Communicate over USB via a daemon, to arbitrate multiple clients
@@ -138,45 +139,35 @@ endif
# the C preprocessor: we can use symbolic names so long as they're defined as macros
# in the C code, but we can't use things like C enum symbols.
-ifneq "${RPC_MODE}" "none"
- OBJ += rpc_api.o xdr.o
+ifneq "${RPC_MODE}" "server"
+ OBJ += rpc_serial.o
endif
-ifeq "${RPC_MODE}" "server"
- OBJ += slip.o
-else ifeq "${RPC_TRANSPORT}" "serial"
- OBJ += slip.o rpc_serial.o
-endif
-
-RPC_CLIENT_OBJ = rpc_client.o
ifeq "${RPC_TRANSPORT}" "loopback"
- RPC_CLIENT_OBJ += rpc_client_loopback.o
+ RPC_CLIENT_OBJ = rpc_client_loopback.o
else ifeq "${RPC_TRANSPORT}" "serial"
- RPC_CLIENT_OBJ += rpc_client_serial.o
+ RPC_CLIENT_OBJ = rpc_client_serial.o
else ifeq "${RPC_TRANSPORT}" "daemon"
- RPC_CLIENT_OBJ += rpc_client_daemon.o
+ RPC_CLIENT_OBJ = rpc_client_daemon.o
endif
-RPC_DISPATCH_OBJ = rpc_hash.o rpc_misc.o rpc_pkey.o
-
-RPC_SERVER_OBJ = rpc_server.o
ifeq "${RPC_TRANSPORT}" "loopback"
- RPC_SERVER_OBJ += rpc_server_loopback.o
+ RPC_SERVER_OBJ = rpc_server_loopback.o
else ifeq "${RPC_TRANSPORT}" "serial"
- RPC_SERVER_OBJ += rpc_server_serial.o
+ RPC_SERVER_OBJ = rpc_server_serial.o
endif
ifeq "${RPC_MODE}" "none"
OBJ += ${CORE_OBJ}
CFLAGS += -DHAL_RSA_USE_MODEXP=${RSA_USE_MODEXP_CORE}
else ifeq "${RPC_MODE}" "server"
- OBJ += ${CORE_OBJ} ${RPC_SERVER_OBJ} ${RPC_DISPATCH_OBJ}
+ OBJ += ${CORE_OBJ} ${RPC_SERVER_OBJ}
CFLAGS += -DRPC_CLIENT=RPC_CLIENT_LOCAL -DHAL_RSA_USE_MODEXP=${RSA_USE_MODEXP_CORE}
else ifeq "${RPC_MODE}" "client-simple"
OBJ += ${RPC_CLIENT_OBJ}
CFLAGS += -DRPC_CLIENT=RPC_CLIENT_REMOTE -DHAL_RSA_USE_MODEXP=0
else ifeq "${RPC_MODE}" "client-mixed"
- OBJ += ${RPC_CLIENT_OBJ} ${RPC_DISPATCH_OBJ}
+ OBJ += ${RPC_CLIENT_OBJ}
CFLAGS += -DRPC_CLIENT=RPC_CLIENT_MIXED -DHAL_RSA_USE_MODEXP=0
KS = volatile
endif
@@ -207,18 +198,21 @@ all: ${LIB}
cd utils; ${MAKE} $@
client:
- ${MAKE} RPC_MODE=client-simple
+ ${MAKE} RPC_MODE=client-simple RPC_TRANSPORT=daemon
mixed:
- ${MAKE} RPC_MODE=client-mixed
+ ${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=daemon
server:
- ${MAKE} RPC_MODE=server
+ ${MAKE} RPC_MODE=server RPC_TRANSPORT=serial IO_BUS=fmc
-daemon: cryptech_rpcd
- ${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=daemon
+serial:
+ ${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=serial
+
+daemon:
+ ${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=daemon ${LIB} cryptech_rpcd
-cryptech_rpcd: daemon.o slip.o rpc_serial.o xdr.o
+cryptech_rpcd: daemon.o ${LIB}
${CC} ${CFLAGS} -o $@ $^ ${LDFLAGS}
${OBJ}: ${INC}
diff --git a/daemon.c b/daemon.c
index 7991710..81851ed 100644
--- a/daemon.c
+++ b/daemon.c
@@ -42,6 +42,7 @@
#include <getopt.h> /* required with -std=c99 */
#include <termios.h> /* for default speed */
+#include "hal_internal.h"
#include "slip_internal.h"
#include "xdr_internal.h"
@@ -99,32 +100,13 @@ static void poll_remove(int fd)
/* if it's not found, return without an error */
}
-#ifndef MAX_PKT_SIZE /* move this to hal_internal.h */
-#define MAX_PKT_SIZE 4096
-#endif
-
typedef struct {
size_t len;
- uint8_t buf[MAX_PKT_SIZE];
+ uint8_t buf[HAL_RPC_MAX_PKT_SIZE];
} rpc_buffer_t;
static rpc_buffer_t ibuf, obuf;
-#ifndef DEVICE
-#define DEVICE "/dev/ttyUSB0"
-#endif
-
-#ifndef SPEED
-#define SPEED B921600
-#endif
-
-#ifndef B921600
-#define B921600 921600
-#endif
-
-#ifndef SOCKET_NAME
-#define SOCKET_NAME "/tmp/cryptechd.socket"
-#endif
-char *socket_name = SOCKET_NAME;
+const char *socket_name = HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME;
/* Set up an atexit handler to remove the filesystem entry for the unix domain
* socket. This will trigger on error exits, but not on the "normal" SIGKILL.
@@ -151,8 +133,8 @@ int main(int argc, char *argv[])
int lsock;
int dsock;
int opt;
- char *device = DEVICE;
- speed_t speed = SPEED;
+ const char *device = HAL_CLIENT_SERIAL_DEFAULT_DEVICE;
+ uint32_t speed = HAL_CLIENT_SERIAL_DEFAULT_SPEED;
while ((opt = getopt(argc, argv, "hn:d:s:")) != -1) {
switch (opt) {
@@ -168,10 +150,7 @@ int main(int argc, char *argv[])
case 's':
switch (atoi(optarg)) {
case 115200:
- speed = B115200;
- break;
case 921600:
- speed = B921600;
break;
default:
printf("invalid speed value %s\n", optarg);
@@ -218,11 +197,13 @@ int main(int argc, char *argv[])
*/
memset(&name, 0, sizeof(struct sockaddr_un));
- /* Bind the listening socket.
+ /* Bind the listening socket. On some platforms, we have to pass the "real"
+ * (number of bytes in use) length of the sockaddr_un to get the name bound
+ * correctly, so use the SUN_LEN() macro to calculate that.
*/
name.sun_family = AF_UNIX;
strncpy(name.sun_path, socket_name, sizeof(name.sun_path) - 1);
- ret = bind(lsock, (const struct sockaddr *) &name, sizeof(struct sockaddr_un));
+ ret = bind(lsock, (const struct sockaddr *) &name, SUN_LEN(&name));
if (ret == -1) {
perror("bind");
exit(EXIT_FAILURE);
@@ -290,9 +271,9 @@ int main(int argc, char *argv[])
/* client data socket */
else {
- const uint8_t * const limit = obuf.buf + MAX_PKT_SIZE;
+ const uint8_t * const limit = obuf.buf + HAL_RPC_MAX_PKT_SIZE;
/* Get the client's rpc request packet. */
- obuf.len = recv(pollfds[i].fd, obuf.buf, MAX_PKT_SIZE, 0);
+ obuf.len = recv(pollfds[i].fd, obuf.buf, HAL_RPC_MAX_PKT_SIZE, 0);
#ifdef DEBUG
printf("data socket %d received request:\n", pollfds[i].fd);
hexdump(obuf.buf, obuf.len);
diff --git a/hal_internal.h b/hal_internal.h
index e238bcf..7a97a87 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -450,6 +450,34 @@ typedef enum {
#define RPC_CLIENT_MIXED 2
#define RPC_CLIENT_NONE 3
+/*
+ * Maximum size of a HAL RPC packet.
+ */
+
+#ifndef HAL_RPC_MAX_PKT_SIZE
+#define HAL_RPC_MAX_PKT_SIZE 4096
+#endif
+
+/*
+ * Location of AF_UNIX socket for RPC client mux daemon.
+ */
+
+#ifndef HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME
+#define HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME "/tmp/cryptech_rpcd.socket"
+#endif
+
+/*
+ * Default device name and line speed for HAL RPC serial connection to HSM.
+ */
+
+#ifndef HAL_CLIENT_SERIAL_DEFAULT_DEVICE
+#define HAL_CLIENT_SERIAL_DEFAULT_DEVICE "/dev/ttyUSB0"
+#endif
+
+#ifndef HAL_CLIENT_SERIAL_DEFAULT_SPEED
+#define HAL_CLIENT_SERIAL_DEFAULT_SPEED 921600
+#endif
+
#endif /* _HAL_INTERNAL_H_ */
/*
diff --git a/rpc_client_daemon.c b/rpc_client_daemon.c
index f328302..dea352f 100644
--- a/rpc_client_daemon.c
+++ b/rpc_client_daemon.c
@@ -41,10 +41,6 @@
#include "hal.h"
#include "hal_internal.h"
-#ifndef SOCKET_NAME
-#define SOCKET_NAME "/tmp/cryptechd.socket"
-#endif
-
static int sock = -1;
hal_error_t hal_rpc_client_transport_init(void)
@@ -57,7 +53,7 @@ hal_error_t hal_rpc_client_transport_init(void)
return perror("socket"), HAL_ERROR_RPC_TRANSPORT;
memset(&name, 0, sizeof(struct sockaddr_un));
name.sun_family = AF_UNIX;
- strncpy(name.sun_path, SOCKET_NAME, sizeof(name.sun_path) - 1);
+ strncpy(name.sun_path, HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME, sizeof(name.sun_path) - 1);
ret = connect(sock, (const struct sockaddr *) &name, sizeof(struct sockaddr_un));
if (ret == -1)
return perror("connect"), HAL_ERROR_RPC_TRANSPORT;
diff --git a/rpc_client_serial.c b/rpc_client_serial.c
index b27c255..149998e 100644
--- a/rpc_client_serial.c
+++ b/rpc_client_serial.c
@@ -33,6 +33,7 @@
*/
#include <stdio.h>
+#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
@@ -44,15 +45,9 @@
#include "hal_internal.h"
#include "slip_internal.h"
-/* XXX These REALLY ought to be passed from the client app command line,
- * rather than compiled into the library.
- */
-#define DEVICE "/dev/ttyUSB1"
-#define SPEED B921600
-
hal_error_t hal_rpc_client_transport_init(void)
{
- return hal_serial_init(DEVICE, SPEED);
+ return hal_serial_init(HAL_CLIENT_SERIAL_DEFAULT_DEVICE, HAL_CLIENT_SERIAL_DEFAULT_SPEED);
}
hal_error_t hal_rpc_client_transport_close(void)
diff --git a/rpc_serial.c b/rpc_serial.c
index dc5821f..98a1d20 100644
--- a/rpc_serial.c
+++ b/rpc_serial.c
@@ -44,12 +44,28 @@
#include "hal_internal.h"
#include "slip_internal.h"
+/*
+ * Not thrilled about having OS-specific conditionals, but as such things
+ * go, this seems relatively safe: gcc and clang both define it on Mac OS X,
+ * and anything *not* on Mac OS X which defines it is begging for trouble.
+ */
+
+#ifndef HAL_RPC_SERIAL_USE_MACOSX_IOCTL
+#define HAL_RPC_SERIAL_USE_MACOSX_IOCTL (defined(__ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__))
+#endif
+
+#if HAL_RPC_SERIAL_USE_MACOSX_IOCTL
+#include <IOKit/serial/ioss.h>
+#include <sys/ioctl.h>
+#endif
+
static int fd = -1;
-hal_error_t hal_serial_init(const char * const device, const speed_t speed)
+hal_error_t hal_serial_init(const char * const device, const uint32_t speed)
{
struct termios tty;
-
+ speed_t termios_speed;
+
fd = open(device, O_RDWR | O_NOCTTY | O_SYNC);
if (fd == -1) {
fprintf(stderr, "open %s: ", device);
@@ -59,9 +75,32 @@ hal_error_t hal_serial_init(const char * const device, const speed_t speed)
if (tcgetattr (fd, &tty) != 0)
return perror("tcgetattr"), HAL_ERROR_RPC_TRANSPORT;
+#if HAL_RPC_SERIAL_USE_MACOSX_IOCTL
+
+ termios_speed = speed;
+
+ if (ioctl(fd, IOSSIOSPEED, &speed) < 0)
+ return perror("ioctl()"), HAL_ERROR_RPC_TRANSPORT;
+
+#else
+
+ switch (speed) {
+ case 115200:
+ termios_speed = B115200;
+ break;
+ case 921600:
+ termios_speed = B921600;
+ break;
+ default:
+ fprintf(stderr, "invalid line speed %lu\n", (unsigned long) speed);
+ return HAL_ERROR_RPC_TRANSPORT;
+ }
+
cfsetospeed (&tty, speed);
cfsetispeed (&tty, speed);
+#endif
+
tty.c_cflag &= ~CSIZE;
tty.c_cflag |= (CS8 | CLOCAL | CREAD);
diff --git a/rpc_server.c b/rpc_server.c
index 9089aea..7b06780 100644
--- a/rpc_server.c
+++ b/rpc_server.c
@@ -755,10 +755,9 @@ void hal_rpc_server_dispatch(const uint8_t * const ibuf, const size_t ilen,
hal_xdr_encode_int(&optr, olimit, ret);
}
-#define MAX_PKT_SIZE 4096
#define interrupt 0
-static uint8_t inbuf[MAX_PKT_SIZE], outbuf[MAX_PKT_SIZE];
+static uint8_t inbuf[HAL_RPC_MAX_PKT_SIZE], outbuf[HAL_RPC_MAX_PKT_SIZE];
void hal_rpc_server_main(void)
{
diff --git a/serial_internal.h b/serial_internal.h
deleted file mode 100644
index abf2259..0000000
--- a/serial_internal.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * serial_internal.c
- * -----------------
- * Low-level serial transport functions.
- *
- * Copyright (c) 2016, NORDUnet A/S All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- * - Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * - Neither the name of the NORDUnet nor the names of its contributors may
- * be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
- * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef _HAL_SERIAL_INTERNAL_H
-#define _HAL_SERIAL_INTERNAL_H
-
-hal_error_t hal_serial_init(const char * const device, const speed_t speed, int * const fdp);
-hal_error_t hal_serial_close(void);
-int hal_serial_send_char(const uint8_t c);
-int hal_serial_recv_char(uint8_t * const c);
-
-#endif /* _HAL_SERIAL_INTERNAL_H */
diff --git a/slip_internal.h b/slip_internal.h
index e3b7af0..4c36c31 100644
--- a/slip_internal.h
+++ b/slip_internal.h
@@ -50,8 +50,7 @@ extern hal_error_t hal_serial_send_char(const uint8_t c);
extern hal_error_t hal_serial_recv_char(uint8_t * const c);
#ifndef STM32F4XX
-#include <termios.h> /* speed_t */
-extern hal_error_t hal_serial_init(const char * const device, const speed_t speed);
+extern hal_error_t hal_serial_init(const char * const device, const uint32_t speed);
extern hal_error_t hal_serial_close(void);
extern int hal_serial_get_fd(void);
#endif